Blame Passwords for the Massive WannaCrypt Malware Attack

by Ori Eisen

May 13, 2017

You’ve likely already read about the WannaCrypt malware cyberattack targeting businesses and the critical infrastructures of more than 100 countries. News spread like wildfire on Friday afternoon after British hospitals were targeted and only got bigger as the day went on. While it looks like the attack has now been stopped, there is nothing preventing this from happening again.

In fact, I will guarantee it will, and next time it will be bigger.

But there is a simple solution for all of this: stop using passwords. Our continued reliance on a piece of outdated technology that no longer works is partially to blame for these attacks. Malware – of which there are millions of new threats daily – easily saves a user’s static password and username, allowing attackers to masquerade as anyone online. If more businesses stopped trusting passwords and instead integrated dynamic logins with anti-replay technology, malware wouldn’t be successful. Instead, the system would instantly know an unauthorized user was trying to access an account and stop the attack before there was any damage.

By putting our trust in passwords, we put everything at risk. This time around, hospitals and railway stations were attacked. We have already seen city alarm systems and water dams. Next time it could be electricity grids and nuclear power plants. The consequences are real. Citizens must demand a better solution that actually keeps them safe.